Question:

51.To control the execution of a server process when it is receiving bad packets from a potentially
malicious client, you set the SEC_PROTOCOL_ERROR_FURTHER_ACTION initialization parameter as follows:
SQL> ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = Drop,10;
What is the significance of this setting?
A. It terminates the client connection after 10 bad packets and the client cannot reconnect to the same instance.
B. It terminates the client connection after 10 bad packets but the client can still reconnect, and attempt the same operation again.
C. It terminates the client connection 10 seconds after receiving a bad packet and the client cannot reconnect to the same instance.
D. It terminates the client connection after receiving a bad packet and the client can reconnect to the same instance after 10 minutes.

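Reference answer: B

Explanation

The question states that, to control how a server process behaves when it receives bad packets from a potentially malicious client, the parameter SEC_PROTOCOL_ERROR_FURTHER_ACTION has been set to "Drop,10".
It asks what this setting means.

According to the reference documentation, the answer is B.

Reference documentation: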

https://docs.oracle/cd/E11882_01/network.112/e36292/app_devs.htm#DBSEG160

Terminating or Resuming Server Execution After Receiving a Bad Packet

After Oracle Database detects a client or server protocol error, it must continue execution. However, this could subject the server to further bad packets, which could lead to disk flooding or denial-of-service attacks.

You can control the further execution of a server process when it is receiving bad packets from a potentially malicious client by setting the SEC_PROTOCOL_ERROR_FURTHER_ACTION initialization parameter to one of the following values:

  • Continue (default setting): Continues the server execution. However, be aware that the server may be subject to further attacks.

    For example:

    SEC_PROTOCOL_ERROR_FURTHER_ACTION = Continue
    
  • Delay,m: Delays the client m seconds before the server can accept the next request from the same client connection. This setting prevents malicious clients from excessively using server resources while legitimate clients experience a degradation in performance but can continue to function.

    For example:

    SEC_PROTOCOL_ERROR_FURTHER_ACTION = Delay,3
    
  • Drop,n: Forcefully terminates the client connection after n bad packets. This setting enables the server to protect itself at the expense of the client, for example, loss of a transaction. However, the client can still reconnect, and attempt the same operation again.

    For example:

    SEC_PROTOCOL_ERROR_FURTHER_ACTION = Drop,10
    

https://docs.oracle/cd/E11882_01/server.112/e40402/initparams227.htm#REFRN10282

SEC_PROTOCOL_ERROR_FURTHER_ACTION

| Property | Description |
|---|---|
| Parameter type | String |
| Syntax | SEC_PROTOCOL_ERROR_FURTHER_ACTION = { CONTINUE \| (DELAY,integer) \| (DROP,integer) } |
| Default value | CONTINUE |
| Modifiable | ALTER SYSTEM |
| Basic | No |

 

SEC_PROTOCOL_ERROR_FURTHER_ACTION specifies the further execution of a server process when receiving bad packets from a possibly malicious client.

Values:

  • CONTINUE

    The server process continues execution. The database server may be subject to a Denial of Service (DoS) if bad packets continue to be sent by a malicious client.

  • (DELAY,integer)

    The client experiences a delay of integer seconds before the server process accepts the next request from the same client connection. Malicious clients are prevented from excessive consumption of server resources while legitimate clients experience a degradation in performance but can continue to function.

  • (DROP,integer)

    The server forcefully terminates the client connection after integer cumulative bad packets. The server protects itself at the expense of the client (for example, a client transaction may be lost). The client may reconnect and attempt the same operation.
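
A small Python model of the three documented settings, added here as an illustration (it is not Oracle's code and not part of the original page): it parses both value spellings shown above and replays a constructed packet stream against a connection. The names `parse_policy`, `run_connection` and `run_client` are hypothetical, and the model assumes the cumulative bad-packet count is kept per connection, so a reconnect starts from zero.

```python
import re
from dataclasses import dataclass

# Accepts both spellings shown on this page: "Drop,10" and "(DROP,10)".
_VALUE_RE = re.compile(r"^\(?\s*(CONTINUE|DELAY|DROP)\s*(?:,\s*(\d+))?\s*\)?$", re.I)

@dataclass(frozen=True)
class Policy:
    action: str   # CONTINUE, DELAY or DROP
    n: int = 0    # seconds for DELAY, bad-packet threshold for DROP

def parse_policy(value: str) -> Policy:
    v = value.strip()
    m = _VALUE_RE.match(v)
    if not m or v.startswith("(") != v.endswith(")"):
        raise ValueError(f"not a valid setting: {value!r}")
    action, n = m.group(1).upper(), m.group(2)
    if (action == "CONTINUE") != (n is None):
        raise ValueError("CONTINUE takes no integer; DELAY and DROP require one")
    return Policy(action, int(n or 0))

def run_connection(policy: Policy, packets: str) -> dict:
    """Model one client connection; packets is constructed input: 'g' good, 'b' bad."""
    bad = delay = served = 0
    for p in packets:
        if p == "g":
            served += 1
            continue
        bad += 1
        if policy.action == "DELAY":
            delay += policy.n   # client waits n seconds before its next request
        elif policy.action == "DROP" and bad >= policy.n:
            # Connection is terminated; later packets on it are never processed.
            return {"dropped": True, "bad": bad, "served": served, "delay": delay}
    return {"dropped": False, "bad": bad, "served": served, "delay": delay}

def run_client(policy: Policy, connections: list) -> list:
    """Replay several connections from one client; each reconnect gets a
    fresh bad-packet count (assumption of this model)."""
    return [run_connection(policy, pk) for pk in connections]
```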
